New WMF Bug on the Loose

Just when you stopped having nightmares about the Windows MetaFile (WMF) bug of '05: now there's a new WMF exploit in the wild.

A researcher with the pseudonym of cyanid-E yesterday published a new WMF vulnerability, which he says he reported to Microsoft in late June. The vulnerability exploits the same GDI Client DLL library (gdi32.dll) as did the previous zero day WMF flaw WMF flaw, which was a major security problem for enterprises.

Unlike its predecessor, though, the new WMF vulnerability is considered low-risk -- so far, it only crashes Internet Explorer and other apps that use the DLL. But a determined and sophisticated hacker could exploit the hole to gain administrative privileges, says Paul Henry, vice president of strategic accounts for Secure Computing. Henry tested the exploit in his home lab and says it did crash apps on a fully patched Windows XP machine. Dark Reading - Application and Perimeter Security - New WMF Bug on the Loose - Security News Analysis